type hal_mlipay_hwservice, hwservice_manager_type;

type hal_mlipay_default, domain;
hal_server_domain(hal_mlipay_default, hal_mlipay)

type hal_mlipay_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_mlipay_default)

# Add hwservice related rules
hal_attribute_hwservice(hal_mlipay, hal_mlipay_hwservice)

binder_call(hal_mlipay_client, hal_mlipay_server)
binder_call(hal_mlipay_server, hal_mlipay_client)

hal_client_domain(system_app, hal_mlipay)

allow hal_mlipay_default {
    tee_device
    ion_device
    vendor_dmabuf_qseecom_heap_device
    vendor_dmabuf_qseecom_ta_heap_device
}: chr_file rw_file_perms;

r_dir_file(hal_mlipay_default, firmware_file)

get_prop(hal_mlipay_default, vendor_fp_prop)
set_prop(hal_mlipay_default, vendor_mlipay_prop);

allow hal_mlipay_client hal_mlipay_server:binder { call transfer };
allow hal_mlipay_client hal_mlipay_server:binder transfer;
allow hal_mlipay_client hal_mlipay_server:fd *;
allow hal_mlipay_client hal_mlipay_hwservice:hwservice_manager find;
allow hal_mlipay_server hal_mlipay_client:binder transfer;
allow hal_mlipay_server hal_mlipay_client:binder { call transfer };
allow hal_mlipay_server hal_mlipay_client:fd *;
allow hal_mlipay_default hal_mlipay_hwservice:hwservice_manager add;
allow hal_mlipay_default tee_device:chr_file rw_file_perms;
allow hal_mlipay_default ion_device:chr_file r_file_perms;
allow hal_mlipay_default firmware_file:dir r_dir_perms;
allow hal_mlipay_default firmware_file:file r_file_perms;
allow hal_mlipay_default ion_device:chr_file rw_file_perms;
allow hal_mlipay_default rootfs:lnk_file r_file_perms;
allow hal_mlipay_default vendor_dmabuf_qseecom_heap_device:chr_file { ioctl open read };
allow hal_mlipay_default vendor_dmabuf_qseecom_ta_heap_device:chr_file { ioctl open read };
allow hal_mlipay_default hal_mtdservice_default:binder transfer;
get_prop(hal_mlipay_default, vendor_system_prop)
set_prop(hal_mlipay_default, vendor_payment_security_prop)
hwbinder_use(hal_mlipay_default)
add_hwservice(hal_mlipay_server, hal_mlipay_hwservice)
